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REMARKS 

Claims 1,2, 10, 12, and 16 are pending in this application. All of the pending claims are 
rejected. Claims 1 and 10 are currently amended. Reconsideration and further examination are 
respectfully requested. 

The present invention helps solve the N 2 -l scalability problem caused by applying unique 
point-to-point security relationships for each unique pair of communicating devices. More 
particularly, the present invention helps solve this problem by applying the same security 
association to unrelated communications between non-overlapping pairs of devices. 
Ordinarily, applying a common security association for non-group communications would be 
considered an unacceptable security risk. Point-to-point associations were developed to avoid 
exposing such communications to other devices. However, the inventors recognized that the risk 
may be acceptable where the devices of the non-overlapping pairs are affiliated in some manner 
unrelated to the communication, e.g., members of the same VPN. In particular, the increased 
risk may be acceptable in view of the resulting enhanced scalability. Consequently, the inventors 
propose that a common group security association can be applied to unrelated (non-group) 
communications by trusted ingress and egress devices at the edge of a backbone. The claims are 
currently amended in an attempt to even more clearly express this feature. 

Claims 1 and 10 are rejected under 35 U.S.C. 103(a) as being unpatentable over US 

6,701,437 (Hoke) in view of US 7,072,346 (Hama) in view of US 7,092,397 (Chandran). The 

Examiner cites Chandran at column 2, lines 1-8, as teaching transforming packets according to a 

group security association. The cited passage states: 

then typically forwarded to another network, such as the Internet, 
via an edge router, for example. In the example above, each ISP 
can be assigned a unique MPLS- VPN tag that identifies traffic 
belong [sic] to that ISP. The MPLS- VPN tag can then be used 
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as a basis to apply security/QoS or any other defined policies on 
the traffic, (emphasis added) 

Because each ISP is assigned a unique MPLS-VPN tag that is used as the basis for applying 
security, the passage fails to meet the burden of teaching use of the same security association for 
unrelated communications between non-overlapping pairs of stations as currently recited in the 
claims. In particular, even if the Examiner interprets Chandran as teaching communication from 
a given ISP to multiple destinations with the same security association, the pairs would be 
overlapping because the ISP is part of every pair. Note that claims 1 and 10 now recite 
transforming, at the ingress point of the backbone, both the first packet for transmission from the 
first station to the second station, and the second packet for transmission from the third station to 
the fourth station, according to the group security association associated with the group identifier 
wherein the first packet is associated with a first point-to-point communication, the second 
packet is associated with a second point-to-point communication, and the first communication is 
unrelated to the second communication except that the first, second, third and fourth stations 
belong to the group of stations. In other words, the same security association is used for non- 
overlapping source/destination pairs. Withdrawal of the rejections of claims 1 and 10 is 
therefore requested. 

It should be noted for the record that the interpretation of Chandran discussed above is 
unsupported by the reference, either explicitly or implicitly. It is discussed because it is one 
possible interpretation of the rejection. However, as indicated at column 1, lines 14-39, 
Chandran is describing operation of a household cable modem that supports communications 
through different ISPs. As described at column 1, lines 56-65, the MPLS/VPN tag is applied 
before the CMTS, i.e., by the member device. Therefore, the passage cited by the Examiner 
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teaches that the cable modem and CMTS support different point-to-point security associations 
for each ISP. It does not teach that the same security association is applied to unrelated 
communications between both a first ISP/first subscriber pair and a second ISP/second 
subscriber pair. As a consequence, the cited combination fails to solve the N 2 -l scalability 
problem. Further, such an interpretation would pose an unreasonable security risk, and is 
therefore an unreasonable interpretation. Applying group security to non-group communications 
as recited in the claims is counter- intuitive because it increases risk relative to widely accepted 
point-to-point associations which exist for non-group secure communications. However, the 
inventors have recognized that a modest exposure to additional risk may be acceptable in 
exchange for mitigation of the N 2 -l scalability problem. In order to consider the claims as a 
whole the Examiner must appreciate the problem as well as the recited solution. It is not 
appropriate to cite elements from various passages and references out of context and state that 
the resulting collection of features would result in the invention without some nexus in the prior 
art. The source of a problem is part of the "subject matter as a whole" which should always be 
considered in determining the obviousness of an invention under 35 U.S. C. § 103. In re 
Sponnoble, 405 F.2d 578, 585, 160 USPQ 237, 243 (CCPA 1969). 

Claims 2, 12, 13 and 16 are dependent claims. If an independent claim is nonobvious 
under 35 U.S.C. 103, then any claim depending therefrom is nonobvious. In re Fine, 837 F.2d 
1071, 5 USPQ2d 1596 (Fed. Cir. 1988). The dependent claims are therefore allowable for the 
same reasons stated above with regard to their respective base claims. 

For these reasons, and in view of the above amendments, this application is now 
considered to be in condition for allowance and such action is earnestly solicited. Should there 
remain unresolved issues that require adverse action, it is respectfully requested that the 
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Examiner telephone Applicants' Attorney at the number listed below so that such issues may be 
resolved as expeditiously as possible. 



Respectfully Submitted, 



February 26, 2009 
Date 



/Holmes W. Anderson/ 

Holmes W. Anderson, Reg. No. 37,272 
Attorney/Agent for Applicant(s) 
Anderson Gorecki & Manaras LLP 
33 Nagog Park 
Acton, MA 01720 
(978) 264-4001 
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